Security researcher demonstrates ATM hack at Black Hat

Security researcher Barnaby Jack demonstrated his ATM hack at the Black Hat security conference in Las Vegas. Jack showed how you could walk up to a Windows CE-based ATM and break into it using a common universal key, and then use a USB flash stick to hack the operating system and let the ATM spit out dollar bills and do all sort of other cool tricks.

Jack showed how you could walk up to an ATM, break into it using a common universal key, and then use a universal serial bus (USB) stick to load a rootkit, or hacking software, that could compromise the machine’s security. On stage, he showed how he could run a program that could talk over the machines and get them to display “jackpot!” on the ATM screen and then spit out bills.

The crowd laughed and applauded throughout the attack. He said that the vulnerable machines included those running the Windows CE operating system from Microsoft on ARM or XScale-based chips. By taking over the machines, Jack said he could pretty much do anything with them, like playing movies on the screens.